[Bug]#1108: Rename a private method keyword argument (which was named
async) so that we’re compatible with the upcoming Python 3.7 release
(where async is a new keyword.) Thanks to @vEpiphyte for the report.

[Feature]: Add a new passphrase kwarg to SSHClient.connect so users may disambiguate key-decryption
passphrases from password-auth passwords. (This is a backwards compatible
change; password will still pull double duty as a passphrase when
passphrase is not given.)

[Support]#1070: Drop Python 2.6 and Python 3.3 support; now only 2.7 and 3.4+
are supported. If you’re unable to upgrade from 2.6 or 3.3, please stick to
the Paramiko 2.3.x (or below) release lines.

[Support]: Include LICENSE file in wheel archives.

[Support]#1100: Updated the test suite & related docs/metadata/config to be
compatible with pytest instead of using the old, custom, crufty
unittest-based test.py.

This includes marking known-slow tests (mostly the SFTP ones) so they can be
filtered out by inv test's default behavior; as well as other minor
tweaks to test collection and/or display (for example, GSSAPI tests are
collected, but skipped, instead of not even being collected by default as in
test.py.)

[Support]: Update tearDown of client test suite to avoid hangs due to
eternally blocking accept() calls on the internal server thread (which
can occur when test code raises an exception before actually connecting to
the server.)

[Bug]#1071: Certificate support broke the no-certificate case for Ed25519
keys (symptom is an AttributeError about public_blob.) This went
uncaught due to cert autoload behavior (i.e. our test suite never actually
ran the no-cert case, because the cert existed!) Both issues have been fixed.
Thanks to John Hu for the report.

The core implementation is PKey.load_certificate and its corresponding .public_blob
attribute on key objects, which is honored in the auth and transport modules.
Additionally, SSHClient.connect will
now automatically load certificate data alongside private key data when one
has appropriately-named cert files (e.g. id_rsa-cert.pub) - see its
docstring for details.

Thanks to Jason Rigby for a first draft (#531) and to Paul Kapp for
the second draft, upon which the current functionality has been based (with
modifications.)

Note

This support is client-focused; Paramiko-driven server code is capable of
handling cert-bearing pubkey auth packets, but it does not interpret any
cert-specific fields, so the end result is functionally identical to a
vanilla pubkey auth process (and thus requires e.g. prepopulated
authorized-keys data.) We expect full server-side cert support to follow
later.

[Feature]#1013: Added pre-authentication banner support for the server
interface (ServerInterface.get_banner plus related support in
Transport/AuthHandler.) Patch courtesy of Dennis Kaarsemaker.

[Feature]#1026: Update Ed25519Key so its constructor
offers the same file_obj parameter as its sibling key classes. Credit:
Michal Kuffa.

[Feature]#1063: Add a gss_trust_dns option to Client and
Transport to allow explicitly setting whether or not DNS canonicalization
should occur when using GSSAPI. Thanks to Richard E. Silverman for the report
& Sebastian Deiß for initial patchset.

[Bug]#60: (via #1037) Paramiko originally defaulted to zlib
compression level 9 (when one connects with compression=True; it defaults
to off.) This has been found to be quite wasteful and, in most cases, tends
to cause much longer transfers than necessary.

OpenSSH defaults to compression level 6, which is a much more reasonable
setting (nearly identical compression characteristics but noticeably,
sometimes significantly, faster transmission); Paramiko now uses this value
instead.

Thanks to Damien Dubé for the report and @DrNeutron for investigating &
submitting the patch.

[Support]#1012: (via #1016) Enhance documentation around the new
SFTP.posix_rename method so
it’s referenced in the ‘standard’ rename method for increased visibility.
Thanks to Marius Flage for the report.

[Support]#1041: Modify logic around explicit disconnect
messages, and unknown-channel situations, so that they rely on centralized
shutdown code instead of running their own. This is at worst removing some
unnecessary code, and may help with some situations where Paramiko hangs at
the end of a session. Thanks to Paul Kapp for the patch.

[Support]: Display exception type and message when logging auth-rejection
messages (ones reading Auth rejected: unsupported or mangled public key);
previously this error case had a bare except and did not display exactly why
the key failed. It will now append info such as KeyError: 'some-unknown-type-string' or similar.

[Support]: Ed25519 keys never got proper API documentation support; this
has been fixed.

[Support]#979: Update how we use Cryptography's
signature/verification methods so we aren't relying on a deprecated API.
Thanks to Paul Kehrer for the patch.

Warning

This bumps the minimum Cryptography version from 1.1 to 1.5. Such an
upgrade should be backwards compatible and easy to do. See their changelog for additional details.

[Bug]#945: (backport of #910 and re: #865) SSHClient
now requests the type of host key it has (e.g. from known_hosts) and does not
consider a different type to be a “Missing” host key. This fixes a common
case where an ECDSA key is in known_hosts and the server also has an RSA host
key. Thanks to Pierce Lopez.

[Bug]#1055: (also #1056, #1057, #1058,
#1059) Fix up host-key checking in our GSSAPI support, which was
previously using an incorrect API call. Thanks to Anselm Kruis for the
patches.

[Bug]#1061: Clean up GSSAPI authentication procedures so they do not prevent
normal fallback to other authentication methods on failure. (In other words,
presence of GSSAPI functionality on a target server precluded use of _any_
other auth type if the user was unable to pass GSSAPI auth.) Patch via Anselm
Kruis.

[Bug]#1065: Add rekeying support to GSSAPI connections, which was erroneously
missing. Without this fix, any attempt to renegotiate the transport keys for
a gss-kex-authed Transport would cause a MIC
failure and terminate the connection. Thanks to Sebastian Deiß and Anselm
Kruis for the patch.

[Bug]#990: The (added in 2.2.0) bcrypt dependency should have been on
version 3.1.3 or greater (was initially set to 3.0.0 or greater.) Thanks to
Paul Howarth for the report.

[Bug]#993: Ed25519 host keys were not comparable/hashable, causing an
exception if such a key existed in a known_hosts file. Thanks to Oleh
Prypin for the report and Pierce Lopez for the fix.

This change adds the bcrypt and pynacl Python libraries as
dependencies. No C-level dependencies beyond those previously required (for
Cryptography) have been added.

[Feature]#951: Add support for ECDH key exchange (kex), specifically the
algorithms ecdh-sha2-nistp256, ecdh-sha2-nistp384, and
ecdh-sha2-nistp521. They now come before the older diffie-hellman-*
family of kex algorithms in the preferred-kex list. Thanks to Shashank
Veerapaneni for the patch & Pierce Lopez for a follow-up.

[Feature]#869: Add an auth_timeout kwarg to SSHClient.connect (default: 30s) to avoid hangs when the
remote end becomes unresponsive during the authentication step. Credit to
@timsavage.

Note

This technically changes behavior, insofar as very slow auth steps >30s
will now cause timeout exceptions instead of completing. We doubt most
users will notice; those affected can simply give a higher value to
auth_timeout.

[Bug]#683: Make util.log_to_file append instead of replace.
Thanks to @vlcinsky for the report.

[Bug]#949: SSHClient and Transport could cause a memory leak if
there’s a connection problem or protocol error, even if Transport.close()
is called. Thanks Kyle Agronick for the discovery and investigation, and
Pierce Lopez for assistance.

[Bug]#794: (via #981) Prior support for ecdsa-sha2-nistp(384|521)
algorithms didn’t fully extend to covering host keys, preventing connection
to hosts which only offer these key types and no others. This is now fixed.
Thanks to @ncoult and @kasdoe for reports and Pierce Lopez for the
patch.

[Bug]#900: (via #911) Prefer newer ecdsa-sha2-nistp keys over RSA
and DSA keys during host key selection. This improves compatibility with
OpenSSH, both in terms of general behavior, and also re: ability to properly
leverage OpenSSH-modified known_hosts files. Credit: @kasdoe for
original report/PR and Pierce Lopez for the second draft.

[Bug]#667: The RC4/arcfour family of ciphers has been broken since version
2.0; but since the algorithm is now known to be completely insecure, we are
opting to remove support outright instead of fixing it. Thanks to Alex Gaynor
for catch & patch.

[Bug]#741: (also #809, #772; all via #912) Writing
encrypted/password-protected private key files was silently broken since 2.0
due to an incorrect API call; this has been fixed.

Includes a directly related fix, namely adding the ability to read
AES-256-CBC ciphered private keys (which is now what we tend to write out
as it is Cryptography’s default private key cipher.)

Thanks to @virlos for the original report, Chris Harris and @ibuler
for initial draft PRs, and @jhgorrell for the final patch.

[Bug]#971: Allow any type implementing the buffer API to be used with
BufferedFile, Channel, and SFTPFile.
This resolves a regression introduced in 1.13 with the Python 3 porting
changes, when using types such as memoryview. Credit: Martin Packman.

[Bug]#984: Enhance default cipher preference order such that
aes(192|256)-cbc are preferred over blowfish-cbc. Thanks to Alex
Gaynor.

[Bug]#865: SSHClient now requests the type of host key it has (e.g. from
known_hosts) and does not consider a different type to be a “Missing” host
key. This fixes a common case where an ECDSA key is in known_hosts and the
server also has an RSA host key. Thanks to Pierce Lopez.
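The host-key selection behaviour described in #865 and #900 above can be sketched without Paramiko. This is an added illustration, not Paramiko's own code: the sample known_hosts content, the two preference lists and all function names are assumptions made for the example.

```python
# Added illustration of host-key algorithm selection; not Paramiko source code.
# Constructed sample known_hosts data; the key blobs are placeholders.
KNOWN_HOSTS = """\
# constructed sample
bastion.example.com ecdsa-sha2-nistp256 PLACEHOLDER_BLOB
db.example.com,10.0.0.5 ssh-rsa PLACEHOLDER_BLOB
[git.example.com]:2222 ssh-ed25519 PLACEHOLDER_BLOB
@revoked old.example.com ssh-rsa PLACEHOLDER_BLOB
|1|c2FsdA==|aGFzaA== ssh-rsa PLACEHOLDER_BLOB
"""

# Assumed preference lists for the illustration: an RSA-first order, and an
# order that puts the ecdsa-sha2-nistp types ahead of RSA and DSA (#900).
LEGACY_ORDER = ["ssh-rsa", "ssh-dss", "ecdsa-sha2-nistp256"]
ECDSA_FIRST_ORDER = [
    "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521",
    "ssh-rsa", "ssh-dss",
]


def parse_known_hosts(text):
    """Map each plain host entry to the key types recorded for it."""
    known = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        # Marker lines (@revoked, @cert-authority) are not ordinary pins, and
        # hashed entries (|1|salt|hash) cannot be matched by name without
        # recomputing the HMAC; both are skipped in this sketch.
        if fields[0].startswith("@") or fields[0].startswith("|1|"):
            continue
        if len(fields) < 3:
            continue
        for host in fields[0].split(","):
            types = known.setdefault(host, [])
            if fields[1] not in types:
                types.append(fields[1])
    return known


def client_order(hostname, known, preference):
    """Move key types already pinned for this host to the front of the list."""
    pinned = [t for t in preference if t in known.get(hostname, [])]
    return pinned + [t for t in preference if t not in pinned]


def negotiate(client_algos, server_algos):
    """SSH picks the first algorithm on the client's list the server supports."""
    for algo in client_algos:
        if algo in server_algos:
            return algo
    return None


def lookup_result(hostname, negotiated, known):
    """'checkable' if a pin of the negotiated type exists, else 'missing'."""
    if negotiated is None:
        return "no-common-algorithm"
    return "checkable" if negotiated in known.get(hostname, []) else "missing"


def compare(hostname, server_algos, preference, known):
    """Negotiation outcome without and with the known_hosts-aware ordering."""
    before = negotiate(preference, server_algos)
    after = negotiate(client_order(hostname, known, preference), server_algos)
    return {
        "before": (before, lookup_result(hostname, before, known)),
        "after": (after, lookup_result(hostname, after, known)),
    }


if __name__ == "__main__":
    known = parse_known_hosts(KNOWN_HOSTS)
    server = {"ssh-rsa", "ecdsa-sha2-nistp256"}  # server holds both key types
    print(compare("bastion.example.com", server, LEGACY_ORDER, known))
    print(compare("db.example.com", server, ECDSA_FIRST_ORDER, known))
```

A "missing" result means the configured missing-host-key policy decides the outcome instead of the pinned key, which is why asking for the pinned type first matters when a server holds several host keys.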

[Support]#974: Overhaul the codebase to be PEP-8, etc, compliant
(i.e. passes the maintainer’s preferred flake8
configuration) and add a flake8 step to the Travis config. Big thanks to
Dorian Pula!

[Support]: A big formatting pass to clean up an enormous number
of invalid Sphinx reference links, discovered by switching to a modern,
rigorous nitpicking doc-building mode.

[Support]#956: Switch code coverage service from
coveralls.io to codecov.io (& then disable the latter’s auto-comments.)
Thanks to Nikolai Røed Kristiansen for the patch.

[Bug]#44: (via #891) SSHClient
now gives its internal Transport a handle on
itself, preventing garbage collection of the client until the session is
closed. Without this, some code which returns stream or transport objects
without the client that generated them, would result in premature session
closure when the client was GCd. Credit: @w31rd0 for original report,
Omer Anson for the patch.

[Bug]#859: (via #860) A tweak to the original patch implementing
#398 was not fully applied, causing calls to
invoke_shell to fail with AttributeError.
This has been fixed. Patch credit: Kirk Byers.

[Bug]: Accidentally merged the new features from 1.18.0 into the
2.0.x bugfix-only branch. This included merging a bug in one of those new
features (breaking invoke_shell with an
AttributeError.) The offending code has been stripped out of the 2.0.x
line (but of course, remains in 2.1.x and above.)

[Feature]#398: Add an environment dict argument to
Client.exec_command (plus the
lower level Channel.update_environment and
Channel.set_environment_variable methods) which
implements the env SSH message type. This means the remote shell
environment can be set without the use of VARNAME=value shell tricks,
provided the server’s AcceptEnv lists the variables you need to set.
Thanks to Philip Lorenz for the pull request.

[Feature]#780: (also #779, and may help users affected by
#520) Add an optional timeout parameter to
Transport.start_client (and
feed it the value of the configured connection timeout when used within
SSHClient.) This helps prevent situations where
network connectivity isn’t timing out, but the remote server is otherwise
unable to service the connection in a timely manner. Credit to
@sanseihappa.

[Bug]#681: Fix a Python3-specific bug re: the handling of read
buffers when using ProxyCommand. Thanks to Paul Kapp for catch & patch.

[Bug]#334: Make the subprocess import in proxy.py lazy so
users on platforms without it (such as Google App Engine) can import Paramiko
successfully. (Relatedly, make it easier to tweak an active socket check
timeout [in Transport] which was previously
hardcoded.) Credit: Shinya Okano.

[Bug]#789: Add a missing .closed attribute (plus ._closed
because reasons) to ProxyCommand so the
earlier partial fix for #520 works in situations where one is
gatewaying via ProxyCommand.

[Bug]#742: (also re: #559) Catch AssertionError thrown by
Cryptography when attempting to load bad ECDSA keys, turning it into an
SSHException. This moves the behavior in line with other “bad keys”
situations, re: Paramiko’s main auth loop. Thanks to MengHuan Yu for the
patch.

[Bug]#824: Fix the implementation of PKey.write_private_key_file
(this method is only publicly defined on subclasses; the fix was in the
private real implementation) so it passes the correct params to open().
This bug apparently went unnoticed and unfixed for 12 entire years. Congrats
to John Villalovos for noticing & submitting the patch!

[Support]#819: Document how lacking gmp headers
at install time can cause a significant performance hit if you build PyCrypto
from source. (Most system-distributed packages already have this enabled.)

[Bug]#758: Apply type definitions to _winapi module from
jaraco.windows 3.6.1. This
should address issues on Windows platforms that often result in errors like
ArgumentError: [...] int too long to convert. Thanks to @swohlerLL
for the report and Jason R. Coombs for the patch.

[Bug]#774: Add a _closed private attribute to
Channel objects so that they continue functioning when
used as proxy sockets under Python 3 (e.g. as direct-tcpip gateways for
other Paramiko connections.)

[Bug]#673: (via #681) Fix protocol banner read errors
(SSHException) which would occasionally pop up when using
ProxyCommand gatewaying. Thanks to @Depado for the initial report and
Paul Kapp for the fix.

[Bug]#537: Fix a bug in BufferedPipe.set_event which could cause
deadlocks/hangs when one uses select.select against
Channel objects (or otherwise calls Channel.fileno after the channel has closed). Thanks to
Przemysław Strzelczak for the report & reproduction case, and to Krzysztof
Rusek for the fix.

[Bug]#520: (Partial fix) Fix at least one instance of race condition
driven threading hangs at end of the Python interpreter session. (Includes a
docs update as well - always make sure to .close() your clients!)

There aren’t enough ways to thank Alex Gaynor for all of his work on this,
and then his patience while the maintainer let his PR grow moss for a year
and change. Paul Kehrer came in with an assist, and I think I saw Olle
Lundberg, @techtonik and @johnthagen supplying backup as well. Thanks
to all!

Warning

This is a backwards incompatible change.

However, it should only affect installation requirements; no API
changes are intended or expected. Please report any such breakages as
bugs.

See our updated installation docs for details on what
is now required to install Paramiko; many/most users should be able to
simply pip install -U paramiko (especially if you upgrade to pip
8).

[Feature]#731: (working off the earlier #611) Add support for 384-
and 512-bit elliptic curve groups in ECDSA key types (aka
ecdsa-sha2-nistp384 / ecdsa-sha2-nistp521). Thanks to Michiel Tiller
and @CrazyCasta for the patches.

[Support]#636: Clean up and enhance the README (and
rename it to README.rst from just README). Thanks to @LucasRMehl.

[Support]#697: Remove whitespace in our
setup.py's install_requires as it triggers occasional bugs in some
versions of setuptools. Thanks to Justin Lecher for catch & original
patch.

[Support]#612: Identify & work around a race
condition in the test for handshake timeouts, which was causing frequent test
failures for a subset of contributors as well as Travis-CI (usually, but not
always, limited to Python 3.5). Props to Ed Kellett for assistance during
some of the troubleshooting.

[Support]#621: Annotate some public attributes on
Channel such as .closed. Thanks to Sergey Vasilyev
for the report.

[Support]#729: Clean up setup.py to always use
setuptools; not doing so was a historical artifact from bygone days.
Thanks to Alex Gaynor.

[Bug]#499: Strip trailing/leading whitespace from lines when parsing SSH
config files - this brings things in line with OpenSSH behavior. Thanks to
Alfredo Esteban for the original report and Nick Pillitteri for the patch.

[Bug]#632: Fix logic bug in the SFTP client’s callback-calling functionality;
previously there was a chance the given callback would fire twice at the end
of a transfer. Thanks to @ab9-er for catch & original patch.

[Bug]#670: Due to an earlier bugfix, less-specific Host blocks'
ProxyCommand values were overriding ProxyCommand none in
more-specific Host blocks. This has been fixed in a backwards compatible
manner (i.e. ProxyCommand none continues to appear as a total lack of any
proxycommand key in parsed config structures). Thanks to Pat Brisbin for
the catch.
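The two SSH config behaviours above (#499 whitespace stripping and #670 ProxyCommand none precedence) can be shown with a small stand-alone resolver. This is an added example, not Paramiko's parser: the sample config, the function names and the `buggy` flag, which models the old behaviour as "none is discarded before precedence is applied", are assumptions for the illustration.

```python
# Added illustration of SSH config lookup; not Paramiko's implementation.
import fnmatch

# Constructed sample config with deliberately messy leading/trailing whitespace.
SSH_CONFIG = "\n".join([
    "Host internal-*.example.com",
    "    ProxyCommand none   ",
    "    User deploy",
    "",
    "  Host *.example.com  ",
    "\tProxyCommand ssh -W %h:%p bastion.example.com",
    "",
    "Host *",
    "    User nobody",
])


def parse_config(text):
    """Return a list of (host_patterns, [(key, value), ...]) blocks."""
    blocks = [(["*"], [])]  # options before any Host line apply to every host
    for raw in text.splitlines():
        line = raw.strip()  # leading/trailing whitespace is not significant
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) != 2:
            continue  # sketch only handles "Key value" lines
        key, value = parts[0].lower(), parts[1].strip()
        if key == "host":
            blocks.append((value.split(), []))
        else:
            blocks[-1][1].append((key, value))
    return blocks


def lookup(hostname, blocks, buggy=False):
    """Resolve options for hostname; the first value obtained for a key wins.

    buggy=True models the pre-fix behaviour (assumed mechanism): a
    'ProxyCommand none' entry is dropped before it can claim the key, so a
    later, less-specific block fills it in.
    """
    result = {}
    for patterns, options in blocks:
        if not any(fnmatch.fnmatchcase(hostname, p) for p in patterns):
            continue
        for key, value in options:
            is_none = key == "proxycommand" and value.lower() == "none"
            if buggy and is_none:
                continue
            result.setdefault(key, value)
    # 'none' has done its job of blocking other values; callers see no key.
    if result.get("proxycommand", "").lower() == "none":
        del result["proxycommand"]
    return result


if __name__ == "__main__":
    blocks = parse_config(SSH_CONFIG)
    for host in ("internal-db.example.com", "www.example.com", "other.org"):
        print(host, lookup(host, blocks))
    print("pre-fix:", lookup("internal-db.example.com", blocks, buggy=True))
```

With the pre-fix model, a host the config explicitly marks as direct would be routed through the wildcard block's proxy command, so auditing resolved options per host is a useful check after upgrading.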

[Feature]#356: (also #596, #365, #341, #164,
#581, and a bunch of other duplicates besides) Add support for SHA-2
based key exchange (kex) algorithm diffie-hellman-group-exchange-sha256
and (H)MAC algorithms hmac-sha2-256 and hmac-sha2-512.

This change includes tweaks to debug-level logging regarding
algorithm-selection handshakes; the old all-in-one log line is now multiple
easier-to-read, printed-at-handshake-time log lines.

Thanks to the many people who submitted patches for this functionality and/or
assisted in testing those patches. That list includes but is not limited to,
and in no particular order: Matthias Witte, Dag Wieers, Ash Berlin, Etienne
Perot, Gert van Dijk, @GuyShaanan, Aaron Bieber, @cyphase, and Eric
Brown.

[Feature]#604: Add support for the aes192-ctr and aes192-cbc ciphers.
Thanks to Michiel Tiller for noticing it was as easy as tweaking some key
sizes :D

[Feature]#467: (also #139, #412) Fully enable two-factor
authentication (e.g. when a server requires
AuthenticationMethods pubkey,keyboard-interactive). Thanks to
@perryjrandall for the patch and to @nevins-b and Matt Robenolt for
additional support.

[Bug]#22: Try harder to connect to multiple network families (e.g. IPv4
vs IPv6) in case of connection issues; this helps with problems such as hosts
which resolve both IPv4 and IPv6 addresses but are only listening on IPv4.
Thanks to Dries Desmet for original report and Torsten Landschoff for the
foundational patchset.

[Bug]#502: Fix ‘exec’ requests in server mode to use get_string
instead of get_text to avoid UnicodeDecodeError on non-UTF-8 input.
Thanks to Anselm Kruis for the patch & discussion.

[Bug]#194: (also #562, #530, #576) Streamline
use of stat when downloading SFTP files via SFTPClient.get; this avoids triggering bugs in some
off-spec SFTP servers such as IBM Sterling. Thanks to @muraleee for the
initial report and to Torkil Gustavsen for the patch.

[Support]#419: Modernize a bunch of the codebase internals to
leverage decorators. Props to @beckjake for realizing we’re no longer on
Python 2.2 :D

[Bug]#359: Use correct attribute name when trying to use Python 3’s
int.bit_length method; prior to fix, the Python 2 custom fallback
implementation was always used, even on Python 3. Thanks to Alex Gaynor.

[Bug]#402: Check to see if an SSH agent is actually present before trying to
forward it to the remote end. This replaces what was usually a useless
TypeError with a human-readable
AuthenticationException. Credit to Ken Jordan for
the fix and Yvan Marques for original report.

[Bug]#353: (via #482) Fix a bug introduced in the Python 3 port
which caused OverflowError (and other symptoms) in SFTP functionality.
Thanks to @dboreham for leading the troubleshooting charge, and to
Scott Maxwell for the final patch.

[Bug]#469: (also #488, #461 and like a dozen others) Fix a
typo introduced in the 1.15 release which broke WinPageant support. Thanks to
everyone who submitted patches, and to Steve Cohen who was the lucky winner
of the cherry-pick lottery.

[Bug]#490: Skip invalid/unparseable lines in known_hosts files, instead
of raising SSHException. This brings Paramiko’s
behavior more in line with OpenSSH, which silently ignores such input. Catch
& patch courtesy of Martin Topholm.

[Bug]#491: (combines #62 and #439) Implement timeout
functionality to address hangs from dropped network connections and/or failed
handshakes. Credit to @vazir and @dacut for the original patches and
to Olle Lundberg for reimplementation.

[Bug]#496: Fix a handful of small but critical bugs in Paramiko’s
GSSAPI support (note: this includes switching from PyCrypto’s Random to
os.urandom). Thanks to Anselm Kruis for catch & patch.

[Bug]#415: Fix ssh_config parsing to correctly interpret
ProxyCommand none as the lack of a proxy command, instead of as a literal
command string of "none". Thanks to Richard Spiers for the catch & Sean
Johnson for the fix.
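
The ssh_config behaviour described in #499, #670 and #415, as a simplified model added here for illustration (not Paramiko's own code). The function names, the `drop_none_early` switch and the sample config are assumptions; discarding `none` at parse time is an assumed way such an override can arise, and negated patterns and `Match` blocks are not handled.

```python
import fnmatch

# Constructed sample config. The specific block comes first and opts out of
# the jump host; note the trailing whitespace (space + tab) after "none".
SAMPLE_CONFIG = """
Host bastion.example.com
    ProxyCommand none \t

Host *.example.com
    ProxyCommand ssh -W %h:%p jump.example.com
    User deploy
"""


def parse(text, drop_none_early=False):
    """Return [(patterns, options)] in file order.

    drop_none_early=True models the assumed failure mode: discarding
    "ProxyCommand none" while parsing, so nothing shadows later blocks.
    """
    blocks = [(["*"], {})]  # options before any Host line apply to all hosts
    for raw in text.splitlines():
        line = raw.strip()  # #499: ignore leading/trailing whitespace
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        key = parts[0].lower()
        value = parts[1] if len(parts) > 1 else ""
        if key == "host":
            blocks.append((value.split(), {}))
        elif drop_none_early and key == "proxycommand" and value.lower() == "none":
            continue
        else:
            blocks[-1][1].setdefault(key, value)
    return blocks


def lookup(blocks, hostname):
    """Merge matching blocks; the first value obtained for a key wins."""
    merged = {}
    for patterns, options in blocks:
        if any(fnmatch.fnmatch(hostname, p) for p in patterns):
            for key, value in options.items():
                merged.setdefault(key, value)
    # #670 / #415: "none" takes part in merging so it shadows later blocks,
    # then is removed so callers see no proxycommand key at all.
    if merged.get("proxycommand", "").lower() == "none":
        del merged["proxycommand"]
    return merged


if __name__ == "__main__":
    for early in (False, True):
        result = lookup(parse(SAMPLE_CONFIG, early), "bastion.example.com")
        print("drop_none_early=%s -> %r" % (early, result))
```

With `drop_none_early=True` the bastion host silently inherits the wildcard block's jump-host command, which is the kind of unintended routing a config audit should check for.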

[Bug]#428: Fix an issue in BufferedFile (primarily used in
the SFTP modules) concerning incorrect behavior by
readlines on files whose size exceeds the
buffer size. Thanks to @achapp for catch & patch.

[Bug]#399: SSH agent forwarding (potentially other functionality as
well) would hang due to incorrect values passed into the new window size
arguments for Transport (thanks to a botched merge).
This has been corrected. Thanks to Dylan Thacker-Smith for the report &
patch.

[Bug]#320: Update our win_pageant module to be Python 3 compatible. Thanks to
@sherbang and @adamkerz for the patches.

[Feature]#218: Add support for ECDSA private keys on the client side. Thanks
to @aszlig for the patch.

[Feature]#372: Update default window & packet sizes to more closely adhere to
the pertinent RFC; also expose these settings in the public API so they may
be overridden by client code. This should address some general speed issues
such as #175. Big thanks to Olle Lundberg for the update.

[Feature]#362: Allow users to control the SSH banner timeout. Thanks to Cory
Benfield.

[Bug]#234: Lower logging levels for a few overly-noisy log messages
about secure channels. Thanks to David Pursehouse for noticing & contributing
the fix.

[Bug]#298: Don’t perform point validation on ECDSA keys in
known_hosts files, since a) this can cause significant slowdown when such
keys exist, and b) known_hosts files are implicitly trustworthy. Thanks
to Kieran Spear for catch & patch.

Note

This change bumps up the version requirement for the ecdsa library to
0.11.

[Bug]#373: Attempt to fix a handful of issues (such as #354)
related to infinite loops and threading deadlocks. Thanks to Olle Lundberg as
well as a handful of community members who provided advice & feedback via
IRC.

[Bug]#346: Fix an issue in private key files’ encryption salts that
could cause tracebacks and file corruption if keys were re-encrypted. Credit
to Xavier Nunn.

[Bug]#272: Fix a bug where known_hosts parsing hashed the input hostname
as well as the hostnames from the known_hosts file, on every comparison.
Thanks to @sigmunau for final patch and @ostacey for the original
report.

[Bug]#312: paramiko.transport.Transport had a bug in its __repr__ which
surfaces during errors encountered within its __init__, causing
problematic tracebacks in such situations. Thanks to Simon Percivall for
catch & patch.

[Bug]#376: Be less aggressive about expanding variables in ssh_config
files, which results in a speedup of SSH config parsing. Credit to Olle
Lundberg.

[Bug]: paramiko.file.BufferedFile.read incorrectly returned text strings
after the Python 3 migration, despite bytes being more appropriate for file
contents (which may be binary or of an unknown encoding.) This has been
addressed.

[Bug]#252: (Fabric #1020)
Enhanced the implementation of ProxyCommand to avoid a deadlock/hang
condition that frequently occurs at Transport shutdown time. Thanks to
Mateusz Kobos, Matthijs van der Vleuten and Guillaume Zitta for the original
reports and to Marius Gedminas for helping test nontrivial use cases.

[Bug]#87: Ensure updates to known_hosts files account for any
updates to said files after Paramiko initially read them. (Includes related
fix to guard against duplicate entries during subsequent known_hosts
loads.) Thanks to @sunweaver for the contribution.

[Bug]#98: On Windows, when interacting with PuTTY’s Pageant, Paramiko
now creates the shared memory map with explicit Security Attributes of the
user, which is the same technique employed by the canonical PuTTY library to
avoid permissions issues when Paramiko is running under a different UAC
context than the PuTTY Pageant process. Thanks to Jason R. Coombs for the
patch.

[Support]#100: Remove use of PyWin32 in win_pageant module. Module was
already dependent on ctypes for constructing appropriate structures and had
ctypes implementations of all functionality. Thanks to Jason R. Coombs for
the patch.

[Feature]#110: Honor SSH config AddressFamily setting when looking up
local host’s FQDN. Thanks to John Hensley for the patch.

[Feature]#93: Overhaul SSH config parsing to be in line with
man ssh_config (& the behavior of ssh itself), including addition of
parameter expansion within config values. Thanks to Olle Lundberg for the
patch.

[Feature]#66: Batch SFTP writes to help speed up file transfers. Thanks to
Olle Lundberg for the patch.

[Bug]#102: Forego random padding for packets when running under
*-ctr ciphers. This corrects some slowdowns on platforms where random
byte generation is inefficient (e.g. Windows). Thanks to @warthog618 for
catch & patch, and Michael van der Kolff for code/technique review.

[Bug]#133: Fix handling of window-change events to be on-spec and not
attempt to wait for a response from the remote sshd; this fixes problems with
less common targets such as some Cisco devices. Thanks to Phillip Heller for
catch & patch.